-
×InformationWindows update impacting certain printer icons and names. Microsoft is working on a solution.
Click here to learn moreInformationNeed Windows 11 help?Check documents on compatibility, FAQs, upgrade information and available fixes.
Windows 11 Support Center.
-
×InformationWindows update impacting certain printer icons and names. Microsoft is working on a solution.
Click here to learn moreInformationNeed Windows 11 help?Check documents on compatibility, FAQs, upgrade information and available fixes.
Windows 11 Support Center.
- HP Community
- Poly Video Conferencing
- Meeting Room Solutions
- VSX 7000A - expired certificate
Create an account on the HP Community to personalize your profile and ask a question
10-22-2012 11:10 AM
Hello,
when connecting VSX 7000A using https I get an error about certificate expiration (2012-09-04).
IE9 has problems accepting such connections, FF can accept, but can't properly display all frames
what is the way to obtain valid certificate ? I've tried to update system with lastest software (Release 9.0.6.2-103) connected to public net (without proxy) - no result, maybe it must by only renewed by Poly ?
DS
Solved! Go to Solution.
Accepted Solutions
11-07-2012 01:03 PM
Hi, I just happened to experience the same issue with our VSX 7000 and found a solution.
Long story short, Microsoft released Windows Update KB2661254 sometime in Sept/Oct 2012 which sets a minimum requirement of 1024 bit keys for SSL certificates. The VSX 7000 uses a 512 bit key. To allow 512 bit keys on your Windows PC, you need to add this to your registry:
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CertDLLCreateCertificateChainEngine\Config
Name: MinRsaPubKeyBitLength
Type: DWORD
Value: 512 decimal / 200 hex
Source:
10-31-2012 11:30 AM
I am experiencing the same issue as well with all of our VSX 7000e endpoints.
- When attempting to access a VSX's HTTPS web interface when using Internet Explorer 9, I get a prompt stating an invalid certificate (but no details), and clicking on the option to Continue and Ignore certificate error, nothing happens (the web page posts and goes immediately back to the Certificate Error warning)
- All of our VSX systems have Security Mode enabled. Disabling Security mode allows IE 9 to access the endpoint's web interface via standard HTTP. (HTTPS access is still rejected)
- We are using IE 9, with all advertised Windows Updates installed.
- Accessing the HTTPS Web interface via any other browser (Firefox, Chrome, Safari), acknowledges the certificate can't be trusted, BUT clicking ignore/continue properly loads the web interface content!
- Inspecting the certificate details on our VSX in Firefox shows that the cert CN is www.polycom.com (self-signed) and that its expiry date was set to Sept 29 2011.
- I can assume that this problem is strictly linked with IE 9; I took one of our endpoints out of our institution and connected it to my home network (Windows 7 with IE 9, all updates), and had the exact same problems attempting HTTPS session.
- We have two HDX 8000 in our organization; we can use IE 9 and HTTPS web interface works (certificate error is still shown, but clicking Continue works as it should). The certificates on the HDX are set to expire in 2022 🙂
-I can't recall for sure, but the last time I think one of us used IE 9 for HTTPS interaction to a VSX was over 6 months ago...
Like DS, I am assuming that maybe generating or updating the endpoint's self-signed certificate might fix the issue, so would there be anyone out there with some words of wisdom?
Thanks in advance for any tips or suggestions you might have.
Kenny G
11-07-2012 01:03 PM
Hi, I just happened to experience the same issue with our VSX 7000 and found a solution.
Long story short, Microsoft released Windows Update KB2661254 sometime in Sept/Oct 2012 which sets a minimum requirement of 1024 bit keys for SSL certificates. The VSX 7000 uses a 512 bit key. To allow 512 bit keys on your Windows PC, you need to add this to your registry:
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CertDLLCreateCertificateChainEngine\Config
Name: MinRsaPubKeyBitLength
Type: DWORD
Value: 512 decimal / 200 hex
Source:
01-03-2013 08:55 AM
I have been updating passwords and software on all my company's Polycoms. I also ran into this problem on the VSX 7000s. I was finally able to access the security page after using the registry fix but still could not change the passwords. I found that version 9 software, the password change would not accept certain symbols. I then had to downgrade to version 8.7 for my password to be accepted. After changing the password I updated to version 9.062 and all was well.
01-07-2016 02:26 PM
Thank you for the solution. However, I have to wonder if it's a good idea to change that, system wide?
Is there no way to do it on a site by site basis instead?
I just use Chrome and it lets me bypass the cert error on a case by case basis, which seems much more secure.
Didn't find what you were looking for? Ask the community